fix(frontmatter): Restrict code fence length (#16334)

weihanglo · web-flow · commit 9e691e700b58 · 2025-12-03T22:36:14.000Z
### What does this PR try to resolve? Port rust-lang/rust#149358 over to Cargo ### How to test and review this PR?
diff --git a/src/cargo/util/frontmatter.rs b/src/cargo/util/frontmatter.rs
@@ -75,6 +75,14 @@ impl<'s> ScriptSource<'s> {
                     raw.len()..raw.len(),
                 ).push_visible_span(open_start..open_end));
             }
+            _ if u8::try_from(fence_length).is_err() => {
+                return Err(FrontmatterError::new(
+                    format!(
+                        "too many `-` symbols: frontmatter openings may be delimited by up to 255 `-` symbols, but found {fence_length}"
+                    ),
+                    open_start..open_end,
+                ));
+            }
             _ => {}
         }
         source.open = Some(open_start..open_end);
diff --git a/tests/testsuite/script/rustc.rs b/tests/testsuite/script/rustc.rs
@@ -270,6 +270,14 @@ fn fence_mismatch_2() {
     assert_failure(fixture_path, assertion_path);
 }
 
+#[cargo_test(nightly, reason = "-Zscript is unstable")]
+#[rustfmt::skip]  // code-generated
+fn fence_too_many_dashes() {
+    let fixture_path = "tests/testsuite/script/rustc_fixtures/fence-too-many-dashes.rs";
+    let assertion_path = "tests/testsuite/script/rustc_fixtures/fence-too-many-dashes.stderr";
+    assert_failure(fixture_path, assertion_path);
+}
+
 #[cargo_test(nightly, reason = "-Zscript is unstable")]
 #[rustfmt::skip]  // code-generated
 fn fence_unclosed_1() {
diff --git a/tests/testsuite/script/rustc_fixtures/fence-too-many-dashes.rs b/tests/testsuite/script/rustc_fixtures/fence-too-many-dashes.rs
@@ -0,0 +1,9 @@
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
+[dependencies]
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
+
+#![feature(frontmatter)]
+
+// check that we limit fence lengths
+
+fn main() {}
diff --git a/tests/testsuite/script/rustc_fixtures/fence-too-many-dashes.stderr b/tests/testsuite/script/rustc_fixtures/fence-too-many-dashes.stderr
@@ -0,0 +1,5 @@
+[ERROR] too many `-` symbols: frontmatter openings may be delimited by up to 255 `-` symbols, but found 256
+ --> script:1:1
+  |
+1 | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
+  | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
